Question 1

CCM: A hypothetical company called "lnfrastructure4Sure" provides Infrastructure as a Service (IaaS) to its clients. A customer wants to review Infrastructure4Sure's hypervisor security implementation measures. Which of the following measures should Infrastructure4Sure implement?

Options :

A : Choose a hypervisor with a smaller footprint for a reduced attack surface

B : Harden the hypervisor-s configuration to increase areas of vulnerability (e.g., disabling memory sharing between VMs running within the same hypervisor hosts).

C : Connect unused physical hardware devices and enable clipboard or file-sharing services

D : Monitor for signs of compromise by analyzing hypervisor logs on an ongoing basis

E : A and D

Answer: A

Question 2

Which of the following statements are NOT requirements of governance and enterprise risk management in a

cloud environment?

Options :

A :

Inspect and account for risks inherited from other members of the cloud supply chain and take active

measures to mitigate and contain risks through operational resiliency.

B :

Respect the interdependency of the risks inherent in the cloud supply chain and communicate the corporate

risk posture and readiness to consumers and dependent parties.

C :

Negotiate long-term contracts with companies who use well-vetted software application to avoid the

transient nature of the cloud environment.

D :

Provide transparency to stakeholders and shareholders demonstrating fiscal solvency and organizational

transparency.

E : Both B and C.

Answer: C

Question 3

ENISA: Which of the following is among the vulnerabilities contributing to a high risk ranking for Network Management?

Options :

A : User provisioning vulnerabilities

B : AAA vulnerabilities

C : System or O/S vulnerabilities

D : Hypervisor vulnerabilities

E : Inadequate physical security procedures

Answer: C

Question 4

In a cloud context, what does entitlement refer to in relation to a user's permissions?

Options :

A : The authentication methods a user is required to use when accessing the cloud environment.

B : The level of technical support a user is entitled to from the cloud service provider.

C : The resources or services a user is granted permission to access in the cloud environment.

D : The ability for a user to grant access permissions to other users in the cloud environment.

Answer: C

Question 5

Access controls should be architected into which three layers? (Choose three)

Options :

A : Management plane

B : Public and internal sharing controls

C : Workload controls

D : Application-level controls

Answer: A,B,D